To mark the start of a new year, the Korean security industry has set its goal. According to the ‘2020 Security Threat’, security organisations such as KISA (Korea Internet & Security Agency), Financial Security Institute, and specialised domestic security companies such as Igloo Security, ESTSecurity, SOPHOS, SK Infosec, Check Point, and Trend Micro have selected 7 cyber security keywords for the year 2020. They are: AI; Ransomware; Supply Chain Attacks; Cloud; IoT; Malicious Emails; & the Dark Web.
1. Artificial Intelligence
AI has been around for quite a while, and one of its most memorable advancements was the development of AlphaGo by DeepMind and Google, a computer program which played the board game ‘Go’ against world champion Lee Se-dol. AlphaGo was able to use its collected data to achieve its goal. The so called ‘weak AI’ used on AlphaGo was also applied to various fields within cyber-security. The number of such AI security solutions is on the rise and so is the number of attackers misusing AI.
Careful observations on malware features, abnormal acts, characteristics of its attackers, and machine learning based AI algorithms enable the defenders to deal with cyber threats. However, such observations also give the attackers a chance to invent new attack methods. Since the risk of inputting false data and many other unresolved errors are relatively high in AI, defenders must always stay alert.
Even though most security solutions are built and driven on human logic-based detection engines, it is impossible to keep the latest technology, its devices, and threats manually up to date. To solve this problem, AI is useful for detecting threats, accelerating its response speed, and blocking out the attacks before its proliferation. However, stronger malwares will be developed, and weaknesses will be exposed as cyber criminals continue to use the same technologies while the defenders seek for ways to neutralise the threats.
Over the past years, ransomware has been aimed at countless targets. However, its new method of attack now aims at specific targets, where companies, communities, and public institutions are at risk. Companies with strong financial powers are most likely to be their targets as the attackers will be rewarded with huge sums of money for their success. Those providing Infrastructure and Database storage, local government and healthcare organisations, are listed as the main targets of ransomware attacks.
3. Supply Chain Attack
Supply Chain cyber-attack affects the organisation by targeting less-secure elements in the supply network. Supply Chain attacks were already on the list of the 7 Cyber-security keywords last year, and still manages to maintain its place. Such attacks will continue to infiltrate into the supply chain through third party systems and services. Therefore, due to its weak security systems, those purchasing third party vendor products and services must take extra precaution.
4. Cloud - It is pointed out that Cloud computing’s largest vulnerability is the operator’s configuration error. More complex and flexible Cloud systems will eventually lead to a greater number of errors and reveal itself as a target for many cyber attackers.
5. Malicious Emails
Receiving emails containing malware is not a new thing anymore. The Financial Security Institute warns us how malware email attacks are becoming more cunning and harder to block. Spear Phishing, a traditional method of attack which uses HWP and DOC documents, will not stop this year.
6. Internet of Things
Building castles in the air was the perfect phrase to describe how IoT was perceived. However, IoT has now become a part of our lives. People can now watch YouTube on their refrigerators, and gas valves can be closed by using Smartphone applications. Many are experiencing an easier lifestyle but are also suffering from cyber threats.
IoT devices connected to 5G networks are now more commonly used. However, network weaknesses leading to large scale multi vector 5G cyber-attacks are predicted to increase in large numbers. The main problem is that the network security between IoT devices, its network, and Cloud is still unstable. This makes it harder to recognise with clear visibility of all the connected devices and requires complex security requirements. A macroscopic Holistic Approach is essential for attaining IoT security. Existing regulations and new ones must be integrated in order to protect the developing networks of all industries and business fields.
7. Dark Web
Due to several incidents, the Dark Web, which was only known to cyber attackers and security professionals, is now well-known to the public. For example, Warez and Webhard are the two programs in which Netizens in Korea can improve their networking skills, but also leads them to be involved in distributing illegal programs and even in cybercrime.
Personal information and hacking tools traded on the Dark Web are mostly used for attacks. The Dark Web has a high chance of being used in the hacking market, where attacks such as credential stuffing, spear phishing, and smishing, all misuse personal information. The Dark Web is also a place where financial crimes take place, and it was for this reason why the Financial Security Institute included the Dark Web on the 9 Cyber-security issues of 2020.